Description
The activity stream gadget in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the country parameter.
Remediation
References
Related Vulnerabilities
WebLogic CVE-2022-21306 Vulnerability (CVE-2022-21306)
WordPress Plugin Gutenberg Template Library & Redux Framework Multiple Vulnerabilities (4.2.11)
WordPress Plugin Localize My Post Local File Inclusion (1.0)
Perl Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-1238)
WordPress Plugin Slick Popup:Contact Form 7 Popup Privilege Escalation (1.7.1)